Wardle, a former National Security Agency analyst who is director of research at Redwood City startup Synack, has released a software tool that attempts to detect ransomware on Apple computers. Although it was Tuesday evening in Maui, where he lives, in most of the world, it was already April 20 — the 4/20 holiday observed by marijuana enthusiasts.

“I figured a lot of ransomware authors would be high, so maybe they wouldn’t notice,” he joked.

Ransomware is a type of malware that encrypts a computer’s files, rendering them unreadable, and then holds the key needed to unlock them for ransom — usually between $200 and $10,000, according to the FBI, which has been warning consumers and companies about the growing problem.

That’s a different approach from most ransomware blockers for Windows machines, which typically try to detect the presence of specific ransomware code on a machine. RansomWhere focuses instead on malicious programs’ behavior.

“There are many ways to tackle the threat of ransomware, and new tools on platforms outside of Windows can only help to stimulate debate as to where exactly this threat may arrive next,” said Marcin Kleczynski, chief executive officer of Santa Clara antimalware software maker Malwarebytes. “The new daily versions of ransomware on Windows are a reminder that this problem isn’t going away anytime soon.”

Kleczynski’s company is offering a free version of its own antiransomware tool, which, like RansomWhere, monitors encryption events and determines whether they’re legitimate or malicious. The Malwarebytes tool is still being tested.

Wardle built RansomWhere after he saw reports about KeRanger, the first known ransomware that works on the Macintosh operating system. While ransomware is already prevalent on Windows machines, Wardle believes it’s only a matter of time before more Macs become targets.

People can download RansomWhere from Wardle’s website, Objective-See, an online home for the software tools that he has built to protect his own Mac computers.

“This is my side hobby,” he said. “I really love reverse engineering malware” — closely reading the code of malicious software to understand how it works and thereby defeat it.

“I basically want to protect my Mac and write tools, and then, I guess, sharing is caring,” said Wardle, who has five Apple laptops — two for work and three personal devices.

Wardle doesn’t think RansomWhere is a cure-all for ransomware. At best, it serves as an early-warning system after the first few files get encrypted. It would not be able to stop a program that first copies files out of a users’ home directories, encrypts them, and then deletes the originals, for example, because of the way Wardle designed it.

Even so, he says, there is value in releasing the software.

“One of my main goals is just to get people to talk about this, so we can (collectively) tackle this problem, because I think this is going to take a lot of teamwork, and the current methods to detect malware weren’t working,” Wardle said.

Sean Sposito covers information security and data privacy for The San Francisco Chronicle; previously, he was a data specialist at the Atlanta Journal-Constitution. His byline has appeared in American Banker, the Newark Star-Ledger, the Boston Globe, the Arkansas Democrat-Gazette and The Record of Bergen County, NJ.

He’s also a former data analyst at the National Institute of Computer Assisted Reporting.